SailPoint’s formal announcement of its intent to acquire Entro Security — framed specifically around accelerating and strengthening AI security — carries clear strategic implications for the IGA market’s trajectory. The acquisition is not just a product capability addition; it is a statement about where the identity governance discipline is heading and what enterprise customers will expect from IGA platforms over the next three to five years.
The “accelerate and strengthen AI security” framing signals that SailPoint views AI governance as a present-day competitive differentiator, not a future roadmap aspiration. Enterprise customers are already deploying AI agents, already encountering the governance gaps those deployments expose, and already looking to their IGA platform vendors for solutions. The Entro acquisition positions SailPoint to meet that demand with native capabilities rather than third-party integrations or manual workarounds.
The identity lifecycle management implications are particularly significant. AI agents require lifecycle governance that mirrors, in most respects, the lifecycle governance that IGA programmes have long applied to human users: a defined onboarding process that establishes the agent’s identity and initial permissions; periodic access reviews that confirm the agent’s permissions remain appropriate; and a deprovisioning process that ensures credentials are revoked when the agent is retired or its role changes. Entro’s technology provides the secrets management layer that makes this lifecycle governance operationally practical.
For IGA practitioners benchmarking their programmes against the capabilities that leading vendors are now delivering, the Entro acquisition establishes a new baseline. A mature IGA programme in 2026 governs human users, machine accounts, and AI agents within a unified framework — with consistent entitlement visibility, access certification, and lifecycle management across all identity classes. Programmes that have not yet built this unified governance capability have a defined gap to close.
The acquisition also creates competitive pressure across the IGA market. Saviynt, Omada, and other IGA vendors will be evaluated against SailPoint’s combined human-plus-machine identity governance capability — and will need to demonstrate equivalent depth to remain competitive for enterprise deals where AI governance is a procurement criterion.
Source: SailPoint